Cyber Security Architect (VP)

Social network you want to login/join with:

The Cyber Security Architect is an intermediate level position responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.

Responsibilities:

Plan, research, and design security architecture for IT systems and applications (internally developed as well as vendor supplied) for processing multiple classification levels of data on prem, and cloud.

Determine the security controls for above, document appropriately and partner with IT architecture/development stakeholders to implement during early in system development life cycle

Perform security architecture and risk assessment of internally developed or acquired IT systems and applications using best practices including threat modelling. Ensure that security design and controls are consistent with organization's security architecture principals.

Provide security recommendations including automated controls, configurations on projects, processes, risk exceptions, corrective action plans, and risk reduction initiatives

Collaborate with the internal and external technology teams to drive the development of strategies and plans for improving both architecture and application security

Establish relationships with cross-functional areas including Business, Technology, and Compliance stakeholders and serve as a SECURITY subject-matter expert

Manage risk by analyzing the root cause of security issues, determining compensating controls, and driving remediation

Support Global Information Security policies, standards, and initiatives development and implementation by representing in different Citi action groups such as Delegated Action Groups (DAG).

Qualifications:

6-10 years of relevant experience

Additional technical certifications are preferred

Demonstrated ability to research and apply current information regarding the IS field

Consistently demonstrates clear and concise written and verbal communication

Proven analytical skills

Threat modelling using industry standard methodologies ( STRIDE/DREAD) Experience developing Reference Security Architecture and Design Patterns to support proactive and automated controls

Security architecture assessments for one or more IT systems such as Web, Mobile, APIs/Microservices, Cloud (AWS/GCP/Azure/Oracle)

Strong knowledge of security for applications related to authentication / authorization, data protection, session management, data validation, and end point protections.

What we’ll provide you:

By joining Citi, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive base salary (which is annually reviewed), and enjoy a whole host of additional benefits such as:

27 days annual leave (plus bank holidays)

A discretional annual performance related bonus

Private Medical Care & Life Insurance

Employee Assistance Program

Pension Plan

Special discounts for employees, family, and friends

Access to an array of learning and development resources

Alongside these benefits Citi is committed to ensuring our workplace is where everyone feels comfortable coming to work as their whole self, every day. We want the best talent around the world to be energized to join us, motivated to stay and empowered to thrive.

#LI-MK2

------------------------------------------------------

Job Family Group:

Technology

The Cyber Security Architect is an intermediate level position responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.

Responsibilities:

Plan, research, and design security architecture for IT systems and applications (internally developed as well as vendor supplied) for processing multiple classification levels of data on prem, and cloud.

Determine the security controls for above, document appropriately and partner with IT architecture/development stakeholders to implement during early in system development life cycle

Perform security architecture and risk assessment of internally developed or acquired IT systems and applications using best practices including threat modelling. Ensure that security design and controls are consistent with organization's security architecture principals.

Provide security recommendations including automated controls, configurations on projects, processes, risk exceptions, corrective action plans, and risk reduction initiatives

Collaborate with the internal and external technology teams to drive the development of strategies and plans for improving both architecture and application security

Establish relationships with cross-functional areas including Business, Technology, and Compliance stakeholders and serve as a SECURITY subject-matter expert

Manage risk by analyzing the root cause of security issues, determining compensating controls, and driving remediation

Support Global Information Security policies, standards, and initiatives development and implementation by representing in different Citi action groups such as Delegated Action Groups (DAG).

Qualifications:

6-10 years of relevant experience

Additional technical certifications are preferred

Demonstrated ability to research and apply current information regarding the IS field

Consistently demonstrates clear and concise written and verbal communication

Proven analytical skills

Threat modelling using industry standard methodologies ( STRIDE/DREAD) Experience developing Reference Security Architecture and Design Patterns to support proactive and automated controls

Security architecture assessments for one or more IT systems such as Web, Mobile, APIs/Microservices, Cloud (AWS/GCP/Azure/Oracle)

Strong knowledge of security for applications related to authentication / authorization, data protection, session management, data validation, and end point protections.

What we’ll provide you:

By joining Citi, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive base salary (which is annually reviewed), and enjoy a whole host of additional benefits such as:

27 days annual leave (plus bank holidays)

A discretional annual performance related bonus

Private Medical Care & Life Insurance

Employee Assistance Program

Pension Plan

Paid Parental Leave

Special discounts for employees, family, and friends

Access to an array of learning and development resources

Alongside these benefits Citi is committed to ensuring our workplace is where everyone feels comfortable coming to work as their whole self, every day. We want the best talent around the world to be energized to join us, motivated to stay and empowered to thrive.

#LI-MK2

------------------------------------------------------

Job Family Group:

Technology

------------------------------------------------------

Job Family:

Information Security

------------------------------------------------------

Time Type:

Full time

------------------------------------------------------

Most Relevant Skills

Please see the requirements listed above.

------------------------------------------------------

Other Relevant Skills

For complementary skills, please see above and/or contact the recruiter.

------------------------------------------------------